Privacy Policy

Last updated: April 2026. This policy is a placeholder pending legal counsel review.

1. Introduction

Aced ("we", "us", "our") is an educational platform designed for students ages 11–18. We are committed to protecting the privacy of all users, especially children under 13. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

2. Information We Collect About Children

When a facilitator (parent or guardian) creates a student profile, the following information may be collected:

Identity information: Name, display name, date of birth, grade level
School information: School name (optional)
Academic records: Subjects, assignments, grades, progress data, uploaded documents (report cards, assignment sheets)
Platform activity: Session completions, XP earned, achievements, learning preferences
Forwarded emails: Content of school emails forwarded to the child's unique intake address

3. Third-Party AI Processing

Uploaded documents and forwarded emails are processed by third-party artificial intelligence services to extract assignments, due dates, and learning content. These services include:

OpenRouter (routing layer for LLM providers)
Google AI (Gemini models for document understanding)
Anthropic (Claude models for content analysis)

These services process data solely for the purpose of generating educational content and activity suggestions. We do not sell children's data or use it for advertising purposes.

4. SMS Notifications

SMS notifications are sent via Twilio to the facilitator's (parent/guardian) verified phone number only. Children under 13 do not receive direct SMS messages. SMS is used to notify facilitators of student activity, upcoming assignments, and session reminders.

5. Data Retention

We retain student data for as long as the family account is active. Upon account deletion or facilitator request:

All student profiles and associated data are permanently deleted
Uploaded documents are removed from cloud storage
Processing history is purged from workflow systems
Deletion is logged for compliance auditing

Data deletion is completed within 30 days of request.

6. COPPA Compliance (Children Under 13)

For students under 13 years of age, we require verifiable parental consent before collecting any personal information. The facilitator (parent/guardian) must:

Acknowledge and consent to the collection by checking a consent checkbox
Provide their full name as the consenting party
The date of consent is recorded and stored on the student record

No data is collected about a child under 13 until consent is recorded. Parents may withdraw consent and request data deletion at any time.

7. How to Request Data Deletion

To request deletion of your family's data:

Navigate to Settings in your facilitator dashboard
Click "Delete Family Data" in the Danger Zone section
Confirm the deletion request

Alternatively, you may contact us at [email protected] to request data deletion. All data will be permanently removed within 30 days.

8. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at [email protected].